Hasty Briefs beta

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude

4 hours ago
  • #macOS security
  • #vulnerability fixes
  • #system updates
  • macOS Tahoe 26.5 was released on May 11, 2026, addressing multiple security vulnerabilities across various system components.
  • Key vulnerabilities include: Accelerate (CVE-2026-28991) with an out-of-bounds read causing denial-of-service; Accounts (CVE-2026-28988) allowing app bypass of Privacy preferences; APFS (CVE-2026-28959) with buffer overflow leading to system termination; App Intents (CVE-2026-28995) enabling sandbox escape.
  • AppleJPEG vulnerabilities (CVE-2026-1837, CVE-2026-28956) affect image processing, causing denial-of-service or memory corruption.
  • CoreMedia (CVE-2026-28922) and CoreServices (CVE-2026-28936) vulnerabilities risk private info access and app termination.
  • CUPS (CVE-2026-28915) has a parsing issue allowing root privilege escalation.
  • The FileProvider fix (CVE-2026-43659) addresses a race condition that could allow access to sensitive data.
  • GPU Drivers (CVE-2026-28923) and HFS (CVE-2026-28925) vulnerabilities involve sandbox escape and kernel memory writes.
  • ImageIO vulnerabilities (CVE-2026-43661, CVE-2026-28977, CVE-2026-28990) risk memory corruption and app termination from malicious images.
  • Fixes for Installer (CVE-2026-28978) and IOHIDFamily (CVE-2026-28992, CVE-2026-28943) address sandbox escape, app termination, and kernel memory layout disclosure.
  • IOKit (CVE-2026-28969) and IOSurfaceAccelerator (CVE-2026-43655) vulnerabilities cause system termination or kernel memory reads.
  • Multiple Kernel vulnerabilities include memory disclosure (CVE-2026-43654), file system modification (CVE-2026-28908), Gatekeeper bypass (CVE-2026-28954), system termination (CVE-2026-28897, CVE-2026-28952, CVE-2026-28986), root privilege escalation (CVE-2026-28951), and kernel memory writes (CVE-2026-28972).
  • Fixes for LaunchServices (CVE-2026-28983) and Mail Drafts (CVE-2026-28929) address denial-of-service and remote image display issues.
  • mDNSResponder vulnerabilities (CVE-2026-43653, CVE-2026-28985, CVE-2026-43668, CVE-2026-43666) risk denial-of-service and memory corruption from network attacks.
  • Fixes for Model I/O (CVE-2026-28941, CVE-2026-28940), Network Extensions (CVE-2026-28961), and Networking (CVE-2026-28906) address file/image processing risks and user tracking.
  • Quick Look (CVE-2026-43656), Sandbox (CVE-2026-43652), SceneKit (CVE-2026-39870, CVE-2026-28846), and Shortcuts (CVE-2026-28993) vulnerabilities include app termination, data access, and memory corruption.
  • Fixes for SMB (CVE-2026-28848), Spotlight (CVE-2026-28930, CVE-2026-28974), Storage (CVE-2026-28996), and StorageKit (CVE-2026-28919) address system termination, data access, denial-of-service, and root privilege escalation.
  • Sync Services (CVE-2026-28924), TV App (CVE-2026-39871), and UserAccountUpdater (CVE-2026-28976) vulnerabilities involve Contacts access, unprotected data observation, and root privileges.
  • WebKit vulnerabilities (multiple CVE IDs) include Content Security Policy bypass, sensitive info disclosure, unexpected crashes, and data access.
  • WebRTC (CVE-2026-28944) and Wi-Fi (CVE-2026-28819, CVE-2026-28994) vulnerabilities risk process crashes, kernel privilege execution, and denial-of-service.
  • Fixes for zip (CVE-2026-28914) and zlib (CVE-2026-28920) address Gatekeeper bypass and data leakage.
  • Additional acknowledgments are given to contributors across various components like App Intents, Apple Account, Kernel, WebKit, etc.